QASource Newsletter

Shieldcast: Q1-2016

Modern applications are built on a tangle of technologies that have been developed over time and then haphazardly pieced together. Every piece of application more specifically web applications stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. Security testing is therefore a very important part of testing applications. Application security testing should address all the measures that needs to be implemented throughout the entire software development life cycle, so that vulnerabilities may be addressed in a timely and thorough manner.

SHIELDCAST: The quarterly security Newsletter from QASource; delivers the best practices, latest updates, tips and the knowledge required for security testing of applications: be it Web, Mobile or Desktop.

What Should Testing Report Contain?

Security Threat Details

Information on security threats that can potentially exploit the application.

Root Cause

What is the root cause of the security issue? We can define the security flaw that has been determined.

Testing Technique Used

Which testing technique has helped in finding the issue? Whether it is pen test, security test or source code analysis.

Remediation of Vulnerability

What could be the fix? Do we need any requirement change, code change or any configuration change?

Risk Rating of Vulnerability

What risk it poses to the application. Whether it is Critical, High, Medium or Low.

Suggestions?

We would love to hear your feedback, questions, comments and suggestions. This will help us to make us better and more useful next time.Share your thoughts and ideas at knowledgecenter@qasource.com

Disclaimer

The logos used in this post are owned by the individual companies of each logo or trademark. The logo is not authorized by, sponsored by, or associated with the trademark owner, but QASource is using the logos only for reviewing purposes. The endorsement of the used logos by QASource is neither intended nor implied.

Request A Quote

Written by QA Experts

QASource Blog, for executives and managers, shares QA strategies, methodologies, and new ideas to inform and help effectively deliver quality products, websites, and applications.

Subscribe to our blog

QASource exists to help organizations like yours enjoy the benefits of a full QA department without the associated setup cost and hassle. With an emphasis on time-bound delivery and customized solutions, we excel at helping our partners manage the quality of their deliverables while keeping costs low.

QASource uses cookies to optimize users' experience. Click "Agree and Proceed" button to confirm your consent to the use of cookies. OR, by continuing to use this website, you implicitly accept the use of cookies. Find out more